// #iam

2 articles

The Gentelman ransomware group gains initial access through RMM vulnerabilities, but its ability to encrypt an entire healthcare network depends on how identity and access management is configured. Strong IAM controls — privileged access segmentation, MFA enforcement on administrative accounts, and service account restrictions — significantly limit what a ransomware operator can encrypt once inside the perimeter.

Jun 4, 2026 #ransomware +8

🔑 IAM

Microsoft Entra ID Entitlement Management SSRF (CVE-2026-35431, CVSS 10.0) — Cloud IAM Attack Surface Disclosed Before Silent Server-Side Fix

A perfect-score SSRF vulnerability in Microsoft Entra ID Entitlement Management allowed unauthenticated network-accessible exploitation of Microsoft's cloud identity governance platform. Microsoft patched it server-side with no customer action required, but the disclosure surfaces a structural question enterprise security teams need to answer: how do you monitor for exploitation of a vulnerability in infrastructure you don't control?

Apr 24, 2026 #entra-id +6

Healthcare Ransomware and Identity: The IAM Controls That Limit Gentelman's Blast Radius

Microsoft Entra ID Entitlement Management SSRF (CVE-2026-35431, CVSS 10.0) — Cloud IAM Attack Surface Disclosed Before Silent Server-Side Fix